SecDevOps Fusion Course

This course trains you to become a professional Security Engineer capable building and maintaining high security assurance applications and networks deployed on-premise, in datacenters or in the cloud. Some of the things you’ll learn:

Writing high-assurance web, network and mobile applications

Building high-assurance Linux and Windows networks

Monitoring, containing and recovering IT assets that have been compromised

Creating continuous security integration and development pipelines

Writing APIs to integrate security tools into CI/CD pipelines

What it takes to build a career as a Red Teamer

Protecting enterprise cloud security accounts

Course Outcome:

By completing this Fusion Course, you will become a qualified professional Security Engineer capable building and maintaining high security assurance applications and networks.

Once you have completed all the exercises in this training, you will be required to pass a final online assessment to receive the MSE – Certified Security Engineer.

Intended Audience:

Students who want to become professional Security Engineers.

Trainer:

This course is taught by experienced Mossé Security’s instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services for a multitude of industries that have involved complex and multi-faceted approaches. Our instructors each possess the right balance of corporate experience and are competently skilled in presenting and teaching to groups.

Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.

Course Outline

Module 1: The Professional Security Engineer

Prior to the DevOps movement, most security engineers focused of their efforts to deploying new security products in client network environments. However, this approach has changed, and security engineers are now asked to write secure code, automate the deployment and management of security controls, protect enterprise cloud accounts and much more.

In short, security now must be completely embedded and participate to the development, maintenance and operations of applications and networks.

We begin the course by explaining what the role and mandate of the Security DevOps Engineer is and what you need to know and do to succeed in it.

Module 2: Application Security

In this module we impart best practice approaches to build high security assurance web and mobile applications. Some of the subjects covered:

Authentication

Authorisation

Cryptography

Input Validation

Session Management

Error Handling

Secure Configuration

Anti-Automation

The module is supplemented with online exercises for you to put everything into practice.

Module 3: Infrastructure Security

We impart best practice approaches to build high security assurance Linux and Windows networks. Some of the subjects covered:

Privileged Access Management

Application Whitelisting

Patch Management

Application Hardening

Content Filtering

Network Segmentation

Intrusion Detection and Response

Backups

The module is supplemented with online exercises for you to put everything into practice.

Module 4: Cloud Security

We impart best practice approaches to manage enterprise cloud environments and assets. Some of the subjects covered:

Account Security

Identity and Access Management

Network and Instance Security

Encryption and Storage Security

Micro-Segmentation

Virtualisation and Containers

The module is supplemented with online exercises for you to put everything into practice.

Module 5: Automation and CI/CD Pipelines

We impart ways and approaches to integrate application and infrastructure security into continuous integration and development pipelines by way of automation. Some of the subjects covered include:

Certification Fees

Your first attempt at the certification is free.

Any additional attempts is charged at $149 AUD per attempt.

From time to time, Mossé Cyber Security Institute may publish a new major version of the certification. Students can elect to retake the online assessment at a cost of $149 AUD to maintain the currency of their certification.

Terms and Conditions (Classroom Training)

Payment methods are either booking online via Event Brite or contacting us for an invoice.

Payment is required at the time of booking.

Cancellation notifications after 14 days prior to course commencement date are not eligible for refund.

Cancellations received between 15 and 28 days prior to course commencement will be charged 50% of the course fee.

Students are allowed 1 reschedule per class. Transfers received between 15 – 28 days prior to course commencement will be charged a $300 (incl GST) administrative fee. The new session date must be given at the time of the reschedule notification and rescheduled classes must be taken within 6 months of original scheduled date.

Transfers received 14 days or less prior to course commencement will be charged 50% of the course fee. The new session date must be given at the time of the reschedule notification and rescheduled classes must be taken within 6 months of original scheduled date.

Payment must be made in full prior to any rescheduling.

Student substitutions can be made in writing 48 hours prior to a class start.

If a student does not attend a scheduled session, there will be no refund or reschedule given. Payment is forfeited.
Mossé Security reserves the right to cancel a course and will endeavour to provide participants with as much notice as possible. Upon cancellation, any fees already paid by the participant will be refunded.

Programming Skills

We recommend that you have some experience in software programming prior to registering for this course.

The preferred programming languages for this course include: Python, PHP, and SQL.

Here's a list of things for you to confirm whether you're at the right level:

Write basic web applications in PHP or something equivalent

Have used and configured a database such as MySQL

Have written authentication pages and code to manage user sessions

Have written basic programs that offer and use web services

Be comfortable with command line utilities and tools

Be capable of installing Windows and Linux virtual machines in something like VirtualBox